1. Problem Description
Tomcat local access log:
59.152.238.163 - - [09/Aug/2015:22:50:06 +0000] "GET /bus/api/v2/odds/fb/1035916 HTTP/1.1" 403 993 0.006 Java/1.7.0_10
Java Exception:
java.io.IOException: Server returned HTTP response code: 403 for URL: https://api.xxbroker.com:443/bus/api/v2/odds/fb/1035916
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1625)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
... ...
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)
2. Analysis
Inspired by reference [1], 'If you are getting a 403 code, means that the user does not have the required roles. So, athentication is not the problem, is authorization.'
I checked my configuration in database, there was no correct role data for the user in test, after inserted proper user-role information, this 403 error went away. Cheers!
Reference:
[1] http://stackoverflow.com/questions/1279083/403-access-is-denied-after-authenticating